Introduction
- The Public Service Co-ordinating Bargaining Council (“PSCBC”), General Public Service Sector Bargaining Council (“GPSSBC”) and Safety & Security Bargaining Council (“SSSBC”) take data protection extremely seriously and is committed to protecting the personal information of all its data subjects.
- In accordance with section 22 of the Protection of Personal Information Act, 2013 (“POPIA”), the PBCBC,GPSSBC and SSSBC hereby inform you of a security compromise that may affect your personal information.
Security incident and remediation of the effects of the incident
- On 24 February 2023, the PSCBC, GPSSBC & SSSBC experienced a cyber-attack on their information communication technology (ICT) systems. This attack resulted in the PSCBC, GPSSBC & SSSBC not being able to access the ICT systems.
- Upon becoming aware of the cyber-attack, the PSCBC, GPSSBC & SSSBC began with the process of recovering and backing up the affected data to prevent data loss, and appointed third-party IT experts to take all necessary measures to reduce the extent of the security compromise and prevent any further security incidents.
- On 28 February, the PSCBC, GPSSBC & SSSBC experienced a second cyber-attack, which resulted in all employees of the Councils being locked out of the ICT system.
- Our investigations are ongoing and, at this stage in the process, we do not have any information regarding the identity of the person who launched the cyber-attack.
- As a result, data subjects’ personal information that was being stored on the ICT system was compromised. The categories of personal information that we suspect have been compromised are:
- Names of public servants
- Persal numbers
- Levy amounts
- Bank details
- Council member bank details
- Trade union bank details
- Government department bank details
- Staff member names
- Staff member ID numbers
- Staff member bank details
- Panellist ID numbers
- Upon discovering the security compromise, we took the following remediation steps to address the security compromise:
- we informed the South African Police Services, Directorate for Priority Crime Investigation (the Hawks), and the National Intelligence Agency;
- we procured an independent investigator and ICT experts to conduct forensic investigations in order to provide more details on the security compromise;
- we have recalled all of the computers that are used by employees of the PSCBC and we are currently screening all laptops to ensure that malicious code/software was not deployed on the hardware; and
- we have updated the anti-malware software on all computers within the organisation.
- Upon discovering the security compromise, we took the following remediation steps to address the security compromise:
Potential impact to your personal information
- It is important to note that access to personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts.
- As such, we highly recommend that you do not disclose personal information such as passwords, PINs, and any other sensitive information when asked to do so by phone, fax, text messages or email, and that you monitor activity on your bank accounts and check credit reports regularly to identify any suspicious activity.
- We also recommend that you take the following measures to mitigate any possible adverse effects of this incident:
- do not click on links or attachments from senders that you do not recognise. Be especially wary of .zip or other compressed or executable file types;
- change your account passwords;
- set up multi-factor verification for bank accounts and other important accounts; and
- be alert for email senders that use suspicious or misleading domain names.
We understand that this security compromise can create uncertainty and we are committed to addressing your concerns. If you have any questions regarding this incident please contact the following person:
Enquiries
PSCBC: Oomang Parag 082 319 1198
GPSSBC: Ephafrus Kgofelo 082 346 2992
SSSBC: Tiny Mogara 076 153 9925